Re: making Debian secure by default

To: Lee <ler762@gmail.com>
Cc: debian-user@lists.debian.org
Subject: Re: making Debian secure by default
From: tomas@tuxteam.de
Date: Thu, 28 Mar 2024 18:28:52 +0100
Message-id: <ZgWo1ICiS/7PbPIg@tuxteam.de>
In-reply-to: <[🔎] CAD8GWst7t-M5NUi9VVQQ0GRXXAL-dbO2YMZ1VGumF6msSQ4dNA@mail.gmail.com>
References: <[🔎] CAD8GWssBoRrCzW0TSUGxMeuY=y_bTM-nMuSO7_4g1Kyk79fgqQ@mail.gmail.com> <[🔎] ZgT78PHTtJppwDLd@tuxteam.de> <[🔎] CAD8GWst7t-M5NUi9VVQQ0GRXXAL-dbO2YMZ1VGumF6msSQ4dNA@mail.gmail.com>

On Thu, Mar 28, 2024 at 12:22:57PM -0400, Lee wrote:
> On Thu, Mar 28, 2024 at 1:11 AM tomas wrote:

[...]

> > Security means first and foremost understanding the threat.
> 
> Which I don't.  Hence the request for 'secure by default' instructions
> for Debian.  Even better would be a secure by default installation
> option.

This makes little sense. No threat analysis -- no security. Security
is always a relative (to the threat model) term, "security by default"
suggests something absolute. This ain't going to work.

Cheers
-- 
t

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: making Debian secure by default
  - From: Lee <ler762@gmail.com>

References:
- making Debian secure by default
  - From: Lee <ler762@gmail.com>
- Re: making Debian secure by default
  - From: <tomas@tuxteam.de>
- Re: making Debian secure by default
  - From: Lee <ler762@gmail.com>

Prev by Date: Re: making Debian secure by default
Next by Date: Re: making Debian secure by default
Previous by thread: Re: making Debian secure by default
Next by thread: Re: making Debian secure by default
Index(es):
- Date
- Thread